Updated advisory posts against rubysec/ruby-advisory-db@13dc601

Author: jasnow

advisories/_posts/2026-03-18-GHSA-46fp-8f5p-pf2m.md

@@ -55,5 +55,8 @@ advisory:
   related:
     url:
     - https://github.com/flavorjones/loofah/security/advisories/GHSA-46fp-8f5p-pf2m
+    - https://github.com/flavorjones/loofah/releases/tag/v2.25.1
+    - https://github.com/flavorjones/loofah/commit/f4ebc9c5193dde759a57541062e490e86fc7c068
+    - https://github.com/advisories/GHSA-2j22-pr5w-6gq8
     - https://github.com/advisories/GHSA-46fp-8f5p-pf2m
 ---

advisories/_posts/2026-03-27-CVE-2026-33946.md

@@ -0,0 +1,61 @@
+---
+layout: advisory
+title: 'CVE-2026-33946 (mcp): MCP Ruby SDK - Insufficient Session Binding Allows SSE
+  Stream Hijacking via Session ID Replay'
+comments: false
+categories:
+- mcp
+advisory:
+  gem: mcp
+  cve: 2026-33946
+  ghsa: qvqr-5cv7-wh35
+  url: https://github.com/modelcontextprotocol/ruby-sdk/security/advisories/GHSA-qvqr-5cv7-wh35
+  title: MCP Ruby SDK - Insufficient Session Binding Allows SSE Stream Hijacking via
+    Session ID Replay
+  date: 2026-03-27
+  description: |
+    ### Summary
+
+    The Ruby SDK's [streamable_http_transport.rb](https://github.com/modelcontextprotocol/ruby-sdk/blob/main/lib/mcp/server/transports/streamable_http_transport.rb)
+    implementation contains a session hijacking vulnerability. An attacker
+    who obtains a valid session ID can completely hijack the victim's
+    Server-Sent Events (SSE) stream and intercept all real-time data.
+
+    ### Details
+
+    **Root Cause**
+
+    The StreamableHTTPTransport implementation stores only one SSE stream
+    object per session ID and lacks:
+
+    - Session-to-user identity binding
+    - Ownership validation when establishing SSE connections
+    - Protection against multiple simultaneous connections to the same session
+
+    ### Impact
+
+    While the absence of user binding may not pose immediate risks if
+    session IDs are not used to store sensitive data or state, the
+    fundamental purpose of session IDs is to maintain stateful connections.
+    If the SDK or its consumers utilize session IDs for sensitive operations
+    without proper user binding controls, this creates a potential security
+    vulnerability. For example: In the case of the Ruby SDK, the attacker
+    was able to hijack the stream and receive all the tool responses
+    belonging to the victim. The tool responses can be sensitive
+    confidential data.
+  cvss_v3: 8.2
+  patched_versions:
+  - ">= 0.9.2"
+  related:
+    url:
+    - https://www.cve.org/CVERecord?id=CVE-2026-33946
+    - https://github.com/modelcontextprotocol/ruby-sdk/releases/tag/v0.9.2
+    - https://github.com/modelcontextprotocol/ruby-sdk/security/advisories/GHSA-qvqr-5cv7-wh35
+    - https://github.com/modelcontextprotocol/ruby-sdk/blob/main/examples/streamable_http_server.rb
+    - https://github.com/modelcontextprotocol/ruby-sdk/commit/db40143402d65b4fb6923cec42d2d72cb89b3874
+    - https://hackerone.com/reports/3556146
+    - https://github.com/modelcontextprotocol/csharp-sdk/blob/main/src/ModelContextProtocol.AspNetCore/SseHandler.cs#L93-L97
+    - https://github.com/modelcontextprotocol/go-sdk/blob/main/mcp/streamable.go#L281C1-L288C2
+    - https://github.com/modelcontextprotocol/python-sdk/blob/main/src/mcp/server/streamable_http.py#L680-L685
+    - https://github.com/advisories/GHSA-qvqr-5cv7-wh35
+---

advisories/_posts/2026-03-27-CVE-2026-34060.md

@@ -0,0 +1,66 @@
+---
+layout: advisory
+title: 'CVE-2026-34060 (ruby-lsp): Ruby LSP has arbitrary code execution through branch
+  setting'
+comments: false
+categories:
+- ruby-lsp
+advisory:
+  gem: ruby-lsp
+  cve: 2026-34060
+  ghsa: c4r5-fxqw-vh93
+  url: https://github.com/Shopify/ruby-lsp/security/advisories/GHSA-c4r5-fxqw-vh93
+  title: Ruby LSP has arbitrary code execution through branch setting
+  date: 2026-03-27
+  description: |2
+
+    ## Summary
+
+    The `rubyLsp.branch` VS Code workspace setting was interpolated without
+    sanitization into a generated Gemfile, allowing arbitrary Ruby code
+    execution when a user opens a project containing a malicious
+    `.vscode/settings.json`.
+
+    Other editors that support workspace setting that get automatically
+    applied upon opening the editor and trusting the workspace are also
+    impacted since the server is the component that performs the interpolation.
+
+    ## Details
+
+    The `branch` CLI argument passed to the `ruby-lsp` server was
+    interpolated in the generated `.ruby-lsp/Gemfile` without sanitization.
+     Editors that allow defining settings saved at the workspace level
+    (e.g.: `.vscode/settings.json`) that gets automatically applied open
+    the possibility to craft a malicious repository that once opened and
+    trusted in the editor would run arbitrary code.
+
+    ## Impact
+
+    Code execution with the privileges of the user who opens the malicious
+    project. Ruby LSP assumes workspace code is trusted and so opening
+    the editor on an untrusted workspace can lead to executing potentially
+    dangerous code.
+
+    ## Remediation
+
+    The `rubyLsp.branch` setting has been removed entirely. VS Code extensions
+    auto-update by default, so most users will receive the fix without
+    action. Users who have disabled auto-updates should update to extension
+    version >= 0.10.2.
+
+    The `branch` CLI flag was also entirely removed from the `ruby-lsp`
+    gem. For users that don't add `ruby-lsp` to their Gemfiles, the
+    server should auto-update. Users with the `ruby-lsp` in the Gemfile
+    and locked to a specific version should update to >= 0.26.9.
+  cvss_v2: 7.5
+  cvss_v3: 9.8
+  cvss_v4: 7.1
+  patched_versions:
+  - ">= 0.26.9"
+  related:
+    url:
+    - https://www.tenable.com/cve/CVE-2026-34060
+    - https://github.com/Shopify/ruby-lsp/security/advisories/GHSA-c4r5-fxqw-vh93
+    - https://github.com/Shopify/ruby-lsp/releases/tag/v0.26.9
+    - https://github.com/advisories/GHSA-c4r5-fxqw-vh93
+---